Hi all,

Speaking on behalf of the MultiBit team (Jim's currently on holiday), we will not be supporting Tonal Bitcoins anytime soon. Therefore we back the BIP 21 proposal.

At present MultiBit does not support the "message" or "send" fields but we would be happy to add this functionality as required.

Regarding the idea of a signed URI, it is appealing, however, it may not work. If I understand it correctly, the main idea appears to be to protect a URI from malicious replacement (at MultiBit we were concerned that a Bitcoin "swatch" would be subjected to the same attack vector and we came up with the term "swatch swabbing"). If a Bitcoin URI is served up from a trusted source (e.g. a merchant site over HTTPS) then there is no need for signing. It should be assumed that the merchant will offer a clean room payment area so that no untrusted JavaScript will creep into the final page and wreak havoc.

It would seem that in any situation where the attacker has complete control over the content of the URI they will be able to successfully swab it to match their own fraudulent address. Imagine attempting to protect a QR code posted against a pole attempting to get BTC donations for a charity. How long before that was replaced by a different version operated by the thieves with good signatures all round?

Of course, I may have misunderstood so I would welcome further discussion.

One field that the MultiBit team would like to add to the BIP 21 proposal is "expires" which would contain an ISO8601 formatted date/time in UTC (e.g. "2000-01-01T23:59:59Z"). This would allow merchants to issue Bitcoin URIs that would expose them to a currency/inventory risk for a defined period of time.

Kind regards,

Gary Rowe


PS First post to this list